2. SAE AS6802: „Time-Triggered Ethernet“ (TTEthernet)
Public specification available since 2008
IP designed to DO-254/DO-178B Level A
◦ formal proof of protocol algorithms
used for IEC61508 SIL-rated systems
Standardization at SAE
◦ SAE standardization project started in 2009
◦ SAE Standard release in November 2011
◦ http://standards.sae.org/as6802
3. What is „Time-Triggered“?
Predictable (deterministic) communication
◦ Fixed latency, µs-jitter, TDMA
System timebase available, but no master clock (alignment of local clocks in µs!)
Autonomous network operation
◦ based on scheduled communication and system time
Examples:
◦ FlexRay
◦ TTP (SAE AS6003)
◦ TTEthernet (SAE AS6802)
4. What is Ethernet, really?
A family of frame-based standards for LAN/MAN networks by IEEE802
◦ Standard physical medium
◦ Set of medium access control rules with fair arbitration
◦ Variable size packets in Ethernet format
5. SAE AS6802: „Time-Triggered Ethernet“ (TTEthernet)
The objective was to:
◦ make Ethernet viable for any time-, safety- and mission-critical embedded system application (SAE AS6802 is a Layer 2 protocol service)
◦ … and retain asynchronous communication capabilities
The objective was NOT to:
◦ create yet another real-time industrial Ethernet network that is incompatible with IEEE802.3 or standard Ethernet LAN
In fact it is a service …
◦ compare it to deterministic VLAN messaging with fixed end-to-end latency and µs-jitter!
6. SAE AS6802: A Layer 2 QoS Enhancement
Time-Triggered Ethernet (TTEthernet)
Allows integration of low-latency, low-jitter and standard LAN applications
7. SAE AS6802: A Layer 2 QoS Enhancement
Time-triggered extensions (Layer 2) implemented in an Ethernet switch enable deterministic unified networking
◦ Synchronous startup
◦ Synchronous recovery
◦ Robust fault-tolerant distributed clock
◦ Foundation for synchronous communication and robust bandwidth partitioning in Ethernet networks
8. Summary: System Designer Perspective
SAE AS6802 is just another Ethernet service
Add SAE AS6802 service to Ethernet switch
◦ capabilities to design Ethernet-based time-, safety- and mission-critical system!
Add other compatible IEEE802.1 Layer 2 services to gain specific capabilities and support (deterministic) unified networking
◦ VLAN (IEEE802.1Q), DCB, IEEE1588/IEEE802.1AS, rate-constrained services with traffic shaping, etc.
Use Ethernet as a deterministic network capable of handling different types of time-critical traffic
10. Capabilities: Distributed Fault-tolerant Synchronization
Robust algorithm based on exchange of asynchronous IEEE802.3 messages
Synchronizes local clocks – system time (!)
◦ no wall clock (external time source - e.g. GPS) required
Fail-operational:
◦ tolerates multiple faults
◦ tolerates Byzantine synchronization faults
◦ no search for best master (distributed clock!)
Provides defined worst-case synchronous startup & recovery time (in ms)
11. Capabilities: Synchronous Communication
System time available on switches and endsystems
◦ Scheduled traffic can have fixed latency and µs-jitter
◦ Switch knows when the message is forwarded
12. Capabilities: Deterministic Unified Ethernet
Synchronous and Asynchronous Traffic
„Virtual links“ are forwarded through 100BASE-TX, 1000BASE-CX, 1000BASE-SX or other Ethernet physical layer connections
13. Capabilities: Robust Partitioning for Deterministic Unified Ethernet
Mechanisms:
◦ Switch knows the traffic schedule for synchronous (TT) traffic
◦ Switch knows about properties of time-sensitive traffic and possible time-violations, e.g. for AFDX / ARINC664 (e.g. rate constrained – BAG, periodicity)
◦ Switch knows when the best effort (asynchronous) traffic can be scheduled to prevent violation of temporal constraints for RC and TT
[Figure: switch diagram. Labels: Configuration for TT Traffic; Configuration for RC Traffic; Synchronous (TT) Traffic; Time-Sensitive Traffic (RC); Asynchronous (Priority-Driven and/or Lossless); Scheduling Logic; Output Port.]
14. Capabilities: Deterministic Unified Ethernet
What if synchronous links (VLs) are reserved, but the message is not sent?
◦ … ECU / LRU is not installed
◦ … Function is currently inactive
Dynamic Bandwidth Release: immediate
availability for asynchronous traffic
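
An added example, not taken from the slides, the AS6802 text or any TTEthernet product: a minimal model of the output-port decision that slides 13 and 14 describe, where a best-effort frame may start only if it finishes before the next TT window, and windows whose TT frame never arrived are released. The link rate, cycle length, window values, the guard-band policy and the `absent_vls` parameter are all assumptions made for illustration.

```python
from dataclasses import dataclass

# All values below are constructed for illustration, not taken from AS6802.
LINK_BPS = 100_000_000   # assumed 100BASE-TX output port
CYCLE_US = 1000          # assumed 1 ms schedule cycle
WIRE_OVERHEAD = 20       # preamble + SFD (8 bytes) + inter-frame gap (12 bytes)


@dataclass(frozen=True)
class TTWindow:
    vl: int          # virtual link id (hypothetical)
    start_us: int    # dispatch offset within the cycle
    length_us: int   # reserved transmit time; must not wrap past CYCLE_US


def wire_time_us(frame_bytes: int) -> float:
    """Time the frame occupies the link, including preamble and gap."""
    return (frame_bytes + WIRE_OVERHEAD) * 8 * 1_000_000 / LINK_BPS


def be_may_start(schedule, now_us, frame_bytes, absent_vls=frozenset()):
    """True if a best-effort frame started at cycle phase now_us cannot
    overlap any TT window that is still in use.

    absent_vls: VLs whose TT frame did not arrive this cycle (sender not
    installed or function inactive); their windows are released to BE.
    """
    active = [w for w in schedule if w.vl not in absent_vls]
    if not active:
        return True
    for w in active:
        if w.start_us <= now_us < w.start_us + w.length_us:
            return False                      # TT currently owns the port
    # Distance to the next active window start, wrapping into the next cycle.
    gap_us = min((w.start_us - now_us) % CYCLE_US for w in active)
    return wire_time_us(frame_bytes) <= gap_us


# Constructed schedule: two reserved windows per cycle.
SCHEDULE = [TTWindow(vl=10, start_us=0, length_us=130),
            TTWindow(vl=11, start_us=500, length_us=130)]
```

With this schedule a 1518-byte frame is held back at phase 400 µs because it would run into VL 11's window, but it is admitted at the same phase once VL 11 is marked absent.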
17. Positioning: SAE AS6802 for Deterministic Unified Ethernet
QoS in shared Ethernet networks
18. TTEthernet Switch with SAE AS6802 / ARINC664-P7
TTEthernet Switch Services: Used QoS Protocol Services

| TTEthernet Switch Behavior | RC (ARINC664) | TT (SAE AS6802) | BE |
|---|---|---|---|
| RC Switch | X | - | - |
| RC Switch w/ A/V and hard-RT | X | X | - |
| TTEthernet Switch (synch. AS6802 comm. only) | - | X | - |
| Plain TTEthernet Switch | - | X | X |
| IEEE802.3 switch | - | - | X |
| Mixed Criticality TTEthernet Switch | X | X | X |
19. Positioning: SAE AS6802 for Deterministic Unified Ethernet
QoS in shared Ethernet networks
21. SAE AS6802 in IEC61850 Context
GOOSE Messages (low-latency, critical) can be sent via time-triggered messages
[Figure: labels Protection; Control & Protection; Data.]
22. Impact on System Design
Mirko Jakovljevic, TTTech / SAE AS-2D
23. Why Deterministic Time-Triggered Networks?
Network capabilities impact architecture and application design
◦ the number of ECUs, wiring and weight
◦ use of network bandwidth and computing resources
◦ level of functional integration
◦ system and application complexity
◦ cost of SW/HW design and integration
◦ maintenance, reuse and upgrades
◦ obsolescence management
◦ certification
◦ …
24. Advanced System Integration
[Figure: architecture comparison. Federated Architectures (one function per box; physically separated unidirectional links); Integrated Modular Architectures (e.g. IMA): many higher level functions on one processing module, additional low-level functions via networked RDCs; Distributed Integrated Modular Architectures (DIMA): many high- and low-level functions share distributed computing and networking resources. Other labels: Computing Resources; Networking Resources; Statistical Multiplexing; TDMA Multiplexing; Integration Level: Very Low / Low / High; „How DIMA covers this gap?“]
25. Resource Use & Complexity Reduction
Maximize use of network bandwidth and computing resources for critical embedded functions
◦ Reduce uncertainty, jitter and unintended system states
Improve functional alignment (and separation!)
◦ Simplified sensor fusion
◦ Simplified distributed processing
◦ Simplified redundancy management
26. Integrating many functions on few ECUs
Emulate distributed computer / reflective memory
Integrate critical and non-critical functions
27. SAE AS6802 in Critical Applications
Robust TDM-style bandwidth partitioning
(Hard) Real-time operation
Strictly deterministic system operation
Predictable computing and networking resource sharing
Alignment of different functions across the systems
Design of advanced system architectures for minimizing SWaP
System complexity reduction (system state explosion!)
28. SAE AS6802 in Critical Applications
If we managed to go from federated to integrated architectures …
◦ Read: time/space partitioning at module level
… we can manage transition to „distributed AND integrated“ architectures
◦ Read: time/space partitioning at module level plus time partitioning at network level
◦ system-level partitioning (of all computing and networking resources)
Predictable virtualization of complex embedded systems
29. New activities on SAE AS-2D agenda?
SAE AS6802 (TTEthernet)
◦ Scheduling and system design
◦ Application Handbook
◦ Complexity reduction
◦ Linear Deterministic Networks
◦ Closer work with IEEE?
30. Q&A
Visit Deterministic Ethernet / LinkedIn Group (!!)
Mirko Jakovljevic, TTTech / SAE AS-2D
mirko.jakovljevic@tttech.com